AWS DevSecOps Engineer

We are seeking a highly skilled AWS DevSecOps Engineer to join our team and drive the automation, security, and efficiency of our cloud-based infrastructure. This role will be pivotal in implementing DevSecOps best practices, ensuring secure, scalable, and resilient cloud environments, and integrating security as code into CI/CD pipelines. The ideal candidate will have a strong background in AWS, Kubernetes, Infrastructure as Code (IaC), CI/CD automation, and security compliance frameworks. Roles & Responsibilities: 1. Cloud Infrastructure & Automation: Design, implement, and manage secure AWS cloud environments with best practices in scalability, fault tolerance, and cost efficiency. Automate infrastructure provisioning using Terraform, AWS CloudFormation, or Pulumi. Implement Kubernetes (EKS) clusters and manage containerized applications using Helm and AWS ECS/Fargate. 2. CI/CD & DevSecOps Integration: Develop and maintain CI/CD pipelines using Jenkins, GitHub Actions, GitLab CI/CD, or AWS CodePipeline. Embed security as code within CI/CD workflows, enforcing security policies, compliance, and vulnerability scanning. Automate security testing using tools like Snyk, Trivy, SonarQube, OWASP ZAP, and Checkov. 3. Security & Compliance: Implement IAM policies, least privilege access control, and AWS security best practices (e.g., AWS GuardDuty, AWS Security Hub). Conduct infrastructure security audits, ensuring compliance with NIST, FedRAMP, HIPAA, or SOC 2 security frameworks. Integrate runtime security monitoring using AWS CloudTrail, AWS Config, AWS WAF, and AWS Shield. Harden Kubernetes security with OPA/Gatekeeper, Kyverno, or Pod Security Policies. 4. Monitoring, Logging & Incident Response: Deploy and maintain observability tools like Splunk, New Relic, Prometheus, Grafana, or AWS CloudWatch for system health monitoring. Establish automated alerting and incident response processes for threat detection and mitigation. Implement logging and SIEM integration for real-time security monitoring and compliance tracking. 5. Collaboration & Continuous Improvement: Work closely with development, security, and operations teams to embed DevSecOps culture and best practices. Advocate for Shift-Left Security, ensuring security is integrated from the earliest stages of the software development lifecycle (SDLC). Conduct threat modeling, risk assessments, and security training for engineering teams.

Dynanet started with a focus on IT infrastructure and operations, helping organizations enhance their networks and overcome the limitations of 1990s technology. From strengthening communication channels to introducing innovative ways to collaborate and share information, Dynanet played a crucial role in shaping the early stages of digital transformation. The company's efforts helped organizations build the very fabric of connectivity that now powers our modern world. Over the last three decades, Dynanet has grown into a trusted partner for organizations looking to innovate boldly and transform seamlessly. While technology continues to evolve and unlock new opportunities, for nearly 30 years, Dynanet remains committed to delivering cutting-edge solutions that drive lasting change for its customers. Through agility, foresight, and an unwavering dedication to excellence, Dynanet continues to empower organizations to thrive in a rapidly changing digital landscape. Our story is more than just a story of technology – it's a story of vision, growth, and transformation that has shaped the past and continues to pave the way for the future.